VB Blog

DMARC: an imperfect solution that can make a big difference

Posted by Martijn Grooten on Jul 24, 2017

US Senator Ron Wyden has asked the Department of Homeland Security to implement DMARC. Martijn Grooten looks at what difference this could make for phishing attacks impersonating the US federal governent.

Posted by Martijn Grooten on Jul 20, 2017

Unsurprisingly given today's threat landscape, the VB2017 programme contains several talks on various advanced persistent threats - but also a talk on what may be the polar opposite of such threats: an inept persistent threat.

Posted by Martijn Grooten on Jul 18, 2017

Password security advice focuses too much on password strength and too little on avoiding password reuse, Martijn Grooten argues.

Posted by Martijn Grooten on Jul 17, 2017

Though the location will remain a secret for a few more months, we are pleased to announce the dates for VB2018, the 28th Virus Bulletin International Conference.

Posted by Martijn Grooten on Jul 10, 2017

The second edition of BSides Athens saw a great and varied programme presented in the Greek capital. VB's Martijn Grooten was pleased to attend.

Posted by Martijn Grooten on Jul 7, 2017

Spreading 'FUD' in the wake of cyber-attacks is never a good idea. But it's even worse when this might be one of the attackers' implicit goals.

Posted by Martijn Grooten on Jul 7, 2017

For the third year in a row, we have set aside a limited number of student tickets for the Virus Bulletin conference, to allow 'next-generation' security researchers to experience one of the most important gatherings of security researchers around the world.

Posted by Martijn Grooten on Jul 4, 2017

Virus Bulletin has opened nominations for the fourth annual Péter Szőr Award, for the best piece of technical security research published between 1 July 2016 and 30 June 2017.

Posted by Martijn Grooten on Jul 3, 2017

According to some researchers, there is some evidence linking the recent (Not)Petya attacks with the BlackEnergy group - which became infamous for its targeted attacks against the Ukraine. At VB2016, ESET researchers Anton Cherepanov and Robert Lipovsky spoke about BlackEnergy, providing an overview of the group's attacks. Today, we publish their paper.

Posted by Martijn Grooten on Jun 30, 2017

As WannaCry and (Not)Petya have shown, malware attacks can do a lot of damage. So is staying safe just a case of following good security advice?

Previous1...3334353637...215Next

Search blog

APWG and FTC combine to fight ID fraud

Agencies join forces to release safety guidance documents.
Agencies join forces to release safety guidance documents. The Anti-Phishing Working Group (APWG) and the US Federal Trade Commission (FTC) have pooled their resources and… https://www.virusbulletin.com/blog/2007/09/apwg-and-ftc-combine-fight-id-fraud/

Monster haul of data reaped from job site

Trojan gathers 1.6 million sets of jobseeker records.
Trojan gathers 1.6 million sets of jobseeker records. Researchers at Symantec have reported discovering a server carrying 1.6 million entries from the popular jobseeking website… https://www.virusbulletin.com/blog/2007/08/monster-haul-data-reaped-job-site/

Phish poses as Sophos malware alert

Fake security alarm lures users to spoofed site.
Fake security alarm lures users to spoofed site. A phishing email recently spammed out uses the name of security firm Sophos to lend credence to a fake malware alert, designed to… https://www.virusbulletin.com/blog/2007/08/phish-poses-sophos-malware-alert/

Facebook users warned of phishing dangers

41% happy to hand out personal data to strangers.
41% happy to hand out personal data to strangers. Research carried out by Sophos has found that 41% of users of hugely popular social networking site Facebook risk revealing… https://www.virusbulletin.com/blog/2007/08/facebook-users-warned-phishing-dangers/

House of Lords warns of e-crime fears

Report recommends harder, smarter fight against online dangers.
Report recommends harder, smarter fight against online dangers. A major report by the Science and Technology Committee of the UK's House of Lords has found the internet to be rife… https://www.virusbulletin.com/blog/2007/08/house-lords-warns-e-crime-fears/

57% of spam scam sites hosted in US

Study investigates sites and servers linked to from spam.
Study investigates sites and servers linked to from spam. A detailed investigation into the distribution and usage of webservers to host the various 'scams' pushed by spam… https://www.virusbulletin.com/blog/2007/08/57-spam-scam-sites-hosted-us/

Malware and phishing cost US users $7 billion in two years

Survey finds 1 in 4 risk of being hit by viruses, spyware and scams.
Survey finds 1 in 4 risk of being hit by viruses, spyware and scams. US consumer watchdog Consumer Reports has unveiled its annual 'State of the Net' study, showing serious numbers… https://www.virusbulletin.com/blog/2007/08/malware-and-phishing-cost-us-users-7-billion-two-years/

26 phishing arrests in Italy

Police swoop on Poste Italiane spam scam gangs.
Police swoop on Poste Italiane spam scam gangs. In a first for Italy, the Guardia Di Finanza has made 26 arrests from two separate groups of phishing fraudsters, in the culmination… https://www.virusbulletin.com/blog/2007/07/26-phishing-arrests-italy/

UK users ignoring security issues

Surveys find public in the dark and careless about sensitive data.
Surveys find public in the dark and careless about sensitive data. Several surveys out this week have shown the UK public is failing to take basic security precautions to protect… https://www.virusbulletin.com/blog/2007/06/uk-users-ignoring-security-issues/

100,000 new phishing sites set up in 7 days

IBM sees huge rise in kit-build scam sites.
IBM sees huge rise in kit-build scam sites. Phishing watchers at IBM's X-Force research team have recorded an enormous burst of phishing activity in the last seven days, with over… https://www.virusbulletin.com/blog/2007/06/100-000-new-phishing-sites-set-7-days/

Phisher gets six years

Californian receives 70-month prison sentence, avoids 101 years behind bars.
Californian receives 70-month prison sentence, avoids 101 years behind bars. A Californian man, found guilty in January this year of operating a phishing scheme aimed at scamming… https://www.virusbulletin.com/blog/2007/06/phisher-gets-six-years/

Phishing techniques and technology revealed

Serious software used to analyse phished data, and a phisher talks.
Serious software used to analyse phished data, and a phisher talks. Some insights into the workings of phishing scams were revealed this week, as a sophisticated tool designed to… https://www.virusbulletin.com/blog/2007/05/phishing-techniques-and-technology-revealed/

Phishing moves into more new areas

Surveys, phone lines, USB sticks and call girls the latest tactics for spammers and phishers.
Surveys, phone lines, USB sticks and call girls the latest tactics for spammers and phishers. The latest social-engineering methods being put to use by phishers show no let up in… https://www.virusbulletin.com/blog/2007/05/phishing-moves-more-new-areas/

« Previous 1234 Next »

VB Blog

DMARC: an imperfect solution that can make a big difference

Advanced and inept persistent threats to be discussed at VB2017

Password security is 1% choosing a half-decent password, 99% not using it anywhere else

Save the dates: VB2018 to take place 3-5 October 2018

Review: BSides Athens 2017

Let's not help attackers by spreading fear, uncertainty and doubt

Calling next-gen security researchers: student discount for VB2017 announced

Nominations opened for fourth Péter Szőr Award

VB2016 paper: BlackEnergy – what we really know about the notorious cyber attacks

Security advice in the wake of WannaCry and Not(Petya)